class UserController {

    def index = { redirect(action: list, params: params) }

    // the delete, save and update actions only accept POST requests
    def allowedMethods = [delete: 'POST', save: 'POST', update: 'POST']

    def list = {
        if (!params.max) params.max = 10
        [userList: User.list(params)]
    }

    def show = {
        def user = User.get(params.id)

        if (!user) {
            flash.message = "User not found with id ${params.id}"
            redirect(action: list)
        }
        else { return [user: user] }
    }

    def delete = {
        def user = User.get(params.id)
        if (user) {
            user.delete()
            flash.message = "User ${params.id} deleted"
            redirect(action: list)
        }
        else {
            flash.message = "User not found with id ${params.id}"
            redirect(action: list)
        }
    }

    def edit = {
        def user = User.get(params.id)

        if (!user) {
            flash.message = "User not found with id ${params.id}"
            redirect(action: list)
        }
        else {
            return [user: user]
        }
    }

    def update = {
        def user = User.get(params.id)
        if (user) {
            user.properties = params

            user.authorities.clear()
            user.authorities.add(Role.get(params.authorities))

            if (!user.hasErrors() && user.save()) {
                flash.message = "User ${params.id} updated"
                redirect(action: show, id: user.id)
            }
            else {

                render(view: 'edit', model: [user: user])
            }
        }
        else {
            flash.message = "User not found with id ${params.id}"
            redirect(action: edit, id: params.id)
        }
    }

    def create = {

        def user = new User()

        user.properties = params

        return ['user': user]
    }

    def save = {
        def user = new User(params)

        //non standard validation, a bit of a hack as transient properties cannot be validated in the normal way (GRAILS-1263)
        user.validateAll()

        user.authorities.clear()
        user.authorities.add(Role.get(params.authorities))
        if (!user.hasErrors() && user.save()) {

            flash.message = "User ${user.id} created"
            redirect(action: show, id: user.id)
        }
        else {
            render(view: 'create', model: [user: user])
        }
    }
}
